mcp-atlassian — Vulnerabilities & Security Advisories 2

All 2 CVE vulnerabilities found in mcp-atlassian, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2026-27825	MCP Atlassian has an arbitrary file write leading to arbitrary code execution via unconstrained download_path in confluence_download_attachment CWE-22	9.1	Critical	2026-03-10
CVE-2026-27826	MCP Atlassian has SSRF via unvalidated X-Atlassian-Jira-Url / X-Atlassian-Confluence-Url headers CWE-918	8.2	High	2026-03-10

All 2 known CVE vulnerabilities affecting mcp-atlassian with full Chinese analysis, references, and POCs where available.